Follow-up on Extended Life Cycle
Tim Burke
tburke at redhat.com
Tue Jul 21 12:25:16 UTC 2009
Jesse Keating wrote:
> On Mon, 2009-07-20 at 21:18 -0400, Paul W. Frields wrote:
>
>> It has
>> been something like 4 years since the Fedora Legacy project ended, and
>> if you have a sizable labor pool you can eliminate one of the main
>> reasons that happened.
>>
>
> Note, to maintain Critical Security updates, which is essentially what
> RHEL does once a RHEL release reaches it's maintenance mode, RH Security
> team estimates that a single full time person can handle the work load.
> This is a sizable pool when compared to what Fedora Legacy worked with,
> and Legacy's target was much more broad, and the infrastructure much
> less helpful.
>
>
I'm guessing that this 1 fulltime person in a security response team
role is to track, monitor, and coordinate the issues that need to be
addressed. Which in many cases is different from the devel, releng and
test aspects - necessitating much more than 1 fulltime person's worth of
work to pull off the broader initiative. Right?
More information about the fedora-advisory-board
mailing list